PrestaShop / PrestaShop

PrestaShop is the universal open-source software platform to build your e-commerce solution.
https://www.prestashop-project.org/
Other
8.25k stars 4.82k forks source link

[Idea] Set up different subdomain for backoffice #13016

Closed cedricfontaine closed 1 year ago

cedricfontaine commented 5 years ago

For security reason, we would like to serve the back office on a different subdomain than the front office. In Prestashop 1.6 and previous, it was possible to do it. It's not anymore the case. We would like an option to be able to separate the front and back office subdomain url.

khouloudbelguith commented 5 years ago

Hi @cedricfontaine,

Thanks for your report. @PrestaShop/prestashop-core-developers what do you think?

Thanks!

PierreRambaud commented 5 years ago

Can you tell us more about why it's impossible to separate front & back? I just remove my admin directory, change my shop domain and my front's still working well when my back is on another domain. My back's working well too. Running the latest develop branch.

cedricfontaine commented 5 years ago

In 1.6, it was possible to access back office from an url different from the shop_url, it's not the case anymore in 1.7, you're always redirected to the shop_url. We would like to be able either to disable this redirect or specify an url for the back office.

PierreRambaud commented 5 years ago

Hey thanks for teaching me something!

If you add in your config.inc.php (for example,)

define('_PS_BASE_URL_', 'http://ps-test.localhost');

Your website'll have a different url.

I'm able to run a front & a back from different domains / subdomains. Also working with _PS_BASE_URL_SSL_

khouloudbelguith commented 5 years ago

Hi @cedricfontaine,

Any news about your suggestion? Thanks!

cedricfontaine commented 5 years ago

Hello,

We plan to test it in the new few days

On Wed, Apr 24, 2019 at 4:43 AM khouloudbelguith notifications@github.com wrote:

Hi @cedricfontaine https://github.com/cedricfontaine,

Any news about your suggestion? Thanks!

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/PrestaShop/PrestaShop/issues/13016#issuecomment-486127970, or mute the thread https://github.com/notifications/unsubscribe-auth/AAYIMUEV26RU52KODZKUTRTPSAMULANCNFSM4HAPQ36A .

--

Cédric Fontaine Équipe E-commerce Team Décathlon Canada p: +1 514-967-4441 w: www.decathlon.ca e: cedric.fontaine@decathlon.com

khouloudbelguith commented 5 years ago

@cedricfontaine, thanks! Waiting for your feedback.

jolelievre commented 5 years ago

@cedricfontaine I'm not sure if this will work as I don't know exactly how this redirection is managed But maybe you can use the multistore feature to add your second domain and it will allow you to use it (be careful about the multi shop context you are editing though with the second domain)

centoasa commented 5 years ago

Also for me: how can I move my admin from https://www.disney.com/admin to--> https://admin.disney.com ? Thank you

khouloudbelguith commented 5 years ago

Hi @centoasa,

You can use the solution of @PierreRambaud https://github.com/PrestaShop/PrestaShop/issues/13016#issuecomment-475702896 You need to add in your config.inc.php

define('_PS_BASE_URL_', 'https://admin.disney.com');

Thanks!

centoasa commented 5 years ago

@khouloudbelguith but this solution will change my url shop, or only admin? Now my admin have this configuration-->https://nimb.ws/2aqpIB and also I've setup my dns into A admin.100asa.it (ip my server) but if I try to goes into url admin.100asa.it, put into the defualt shop url www.100asa.it

khouloudbelguith commented 5 years ago

@cedricfontaine, in your first screenshot, to access to FO => you need to naviagate to this link https://www.100asa.it/ To access to your BO => you need to navigate to this link https://www.100asa.it/admin_folder_name In your case, you need to change this https://www.100asa.it/admin_folder_name to this https:/www.admin.100asa.it? Thanks!

centoasa commented 5 years ago

@khouloudbelguith yes it's true! I would to access to my admin via https://admin.100asa.it to bypass 100 seconds cloudflare timeout scripts

khouloudbelguith commented 5 years ago

@centoasa,the solution is proposed here https://github.com/PrestaShop/PrestaShop/issues/13016#issuecomment-475702896 Your website'll have different urls. You will be able to run a front & a back from different domains / subdomains. Thanks!

centoasa commented 5 years ago

@khouloudbelguith I've to rebuild .htaccess or change my default url on my backoffice? (please take a look at https://nimb.ws/k8LhvF ) because for now the #13016 solution for me doesn't works!

khouloudbelguith commented 5 years ago

@centoasa, you need to edit the file config.inc.php manuaally which exists in this path /Projet_Folder/config/config.inc.php as described here https://github.com/PrestaShop/PrestaShop/issues/13016#issuecomment-475702896 Thanks!

centoasa commented 5 years ago

config.inc.php.zip here attached my config (please browse to https://back100asa.100asa.it)

khouloudbelguith commented 5 years ago

@centoasa, so with this link https://back100asa.100asa.it you will be redirected to the FO. ping @PierreRambaud what do you think? Thanks!

PierreRambaud commented 5 years ago

If you want to have a different admin url and front url, you need to have two directories for now, there is currently no distinction between both in http/https configuration.

centoasa commented 5 years ago

@PierreRambaud sorry I don't understand

PierreRambaud commented 5 years ago

You need to split directories:

/var/www/front => www.website.com /var/www/back => admin.website.com

You can't setup /var/www/website for www.website.com & admin.website.com. Because of .htaccess which is automatically generated, you need to write your own server configuration. Because of redirection, without the change of PS_BASE_URL, you'll be redirected to the front url. Maybe you can use a reverse proxy?

centoasa commented 5 years ago

@PierreRambaud my request only to prevent Cloudflare 100 seconds timeout for some my admin scripts; now I've a subdomain named cron so I invoke cron.100asa.it to launch prestashop cron module (many module works well, some goes into timeout) as you can see into my attached config file, I was made PS_BASE_URL adding, but always redirection on front.

PierreRambaud commented 5 years ago

Yep, many cron tasks are running without bootstrapping this is why you can call these scripts. As I said, with two directories, I'm able to use different domain for my back and my front.

centoasa commented 5 years ago

@PierreRambaud by my plesk panel, I've created a subdomain named back100asa and copied the full admin directory (100asa.it/admin) into it https://nimb.ws/cbdy3Q Launch back100asa.100asa.it I've error 500

PierreRambaud commented 5 years ago

We need more information than "500", this means, it's a Internal Server Error.

centoasa commented 5 years ago

as you can see from my screenshot, into subdomain back... I've copied all files and folder of prestashop admin. And on /config/config.inc.php I've add the line define('_PS_BASEURL', 'https://back100asa.100asa.it'); That's all. here the apache error: `

AH01071: Got error 'PHP message: PHP Warning: require(/var/www/vhosts/100asa.it/back100asa.100asa.it/../config/config.inc.php): failed to open stream: No such file or directory in /var/www/vhosts/100asa.it/back100asa.100asa.it/index.php on line 42\nPHP message: PHP Warning: require(/var/www/vhosts/100asa.it/back100asa.100asa.it/../config/config.inc.php): failed to open stream: No such file or directory in /var/www/vhosts/100asa.it/back100asa.100asa.it/index.php on line 42\nPHP message: PHP Fatal error: require(): Failed opening required '/var/www/vhosts/100asa.it/back100asa.100asa.it/../config/config.inc.php' (include_path='.:/opt/plesk/php/7.2/share/pear') in /var/www/vhosts/100asa.it/back100asa.100asa.it/index.php on line 42\n'

`

PierreRambaud commented 5 years ago

This file doesn't exists /var/www/vhosts/100asa.it/back100asa.100asa.it/../config/config.inc.php or is not available for reading.

centoasa commented 5 years ago

there was a misunderstood: on the folder /var/www/vhosts/100asa.it/back100asa.100asa.it I've only copied all the admin files and folders the config/config.inc.php is on the root prestashop directory

PierreRambaud commented 5 years ago

You need to copy all files, add symlink for shared files between front and back, like generated images, or .htaccess for the front, it's maybe too complicated and you need to have a serious system administrator / developer to do this kind of job.

centoasa commented 5 years ago

I assumed ...

PierreRambaud commented 5 years ago

But I think we need to create an issue to be able to use the front & the back with the same folder on different domains :)

centoasa commented 5 years ago

@PierreRambaud great idea!!!

khouloudbelguith commented 5 years ago

ping @PrestaShop/prestashop-core-developers what do you think of using the front & the back with the same folder on different domains as suggested by @PierreRambaud?

Thanks!

agnesdennetiere commented 5 years ago

Hello,

any news on this point?

Thanks!

PierreRambaud commented 5 years ago

@agnesdennetiere Nothing planned yet. But full free to help us and contribute :pray:

Bettelstab commented 5 years ago

I'm trying to do this like @PierreRambaud proposed. As a first step, I just try to change the Backoffice URL on a test instance. So I changed the base URI as described via config file.

I still get redirected to the former URL which is still present in the database (PS_SHOP_DOMAIN / PS_SHOP_DOMAIN_SSL in config table plus table *_SHOP_URL). Is there a way to stop that redirect? Could someone point me to the line where that happens?

PS: I'm on 1.7.5.1.

PierreRambaud commented 4 years ago

We should add an option in the backoffice to configure the admin URL and front URL, it's the easiest and best way to do it.

jocel1 commented 4 years ago

You can put at this end of Shop::setUrl():

        $this->domain = $row['domain'];
        $this->domain_ssl = $row['domain_ssl'];

        if (defined('_PS_ADMIN_DIR_') && !empty($_SERVER['HTTP_HOST'])) {
            $this->domain_ssl = $_SERVER['HTTP_HOST'];
            $this->domain = $_SERVER['HTTP_HOST'];
        }

        return true;

with this change it will override the fetch from the DB with the current domain only if we are in the admin dir.

As a bonus just to be sure, you can also create a defines_custom.inc.php in the config dir with:

<?php
if (defined('_PS_ADMIN_DIR_') && !empty($_SERVER['HTTP_HOST'])) {
    define('_PS_BASE_URL_SSL_', 'https://'.$_SERVER['HTTP_HOST']);
    define('_PS_BASE_URL_', 'http://'.$_SERVER['HTTP_HOST']);
}
DeFault-1 commented 3 years ago

I'm trying to do this like @PierreRambaud proposed. As a first step, I just try to change the Backoffice URL on a test instance. So I changed the base URI as described via config file.

I still get redirected to the former URL which is still present in the database (PS_SHOP_DOMAIN / PS_SHOP_DOMAIN_SSL in config table plus table *_SHOP_URL). Is there a way to stop that redirect? Could someone point me to the line where that happens?

PS: I'm on 1.7.5.1.

Probably this redirect is being forced by the PHP code in AdminController.php class or somewhere else.

I am blaming it on Configuration::get('PS_SHOP_DEFAULT')

Ideally there should be two separate Configuration variables:

DeFault-1 commented 3 years ago

We should add an option in the backoffice to configure the admin URL and front URL, it's the easiest and best way to do it.

I do absolutely support this very important improvement. Prestashop's Back Office is notoriously sluggish in version 1.7 and very often you have to wait for more than 2 minutes for the page to be ready. Unfortunately Cloudflare will not permit you to wait for more than 100 seconds, that is a big problem.

PierreRambaud commented 3 years ago

We should add an option in the backoffice to configure the admin URL and front URL, it's the easiest and best way to do it.

I do absolutely support this very important improvement. Prestashop's Back Office is notoriously sluggish in version 1.7 and very often you have to wait for more than 2 minutes for the page to be ready. Unfortunately Cloudflare will not permit you to wait for more than 100 seconds, that is a big problem.

This is an important improvement, I confirm :+1: I plan to work on it in few weeks :)

gyan111 commented 3 years ago

Very productive discussion.

I also want to achieve the same.

Now: front: example.com Back: example.com/admin

Requirement is. front: example.com Back: admin.example.com

I have created a subdomain and pointed it to the to the admin folder.

The back office html loads but js and css are not loading.

Opera Snapshot_2021-07-13_090316_admin cairosales com

I am getting issues like the "Refused to apply stylesheet because the mimetype not supported". See screenshot

Untitled

I have applied all suggestions discussed above but none of them is working.

Please suggest something if possible.

I am using Prestashop 1.6

PierreRambaud commented 3 years ago

Very productive discussion.

I also want to achieve the same.

Now: front: example.com Back: example.com/admin

Requirement is. front: example.com Back: admin.example.com

I have created a subdomain and pointed it to the to the admin folder.

The back office html loads but js and css are not loading.

Opera Snapshot_2021-07-13_090316_admin cairosales com

I am getting issues like the "Refused to apply stylesheet because the mimetype not supported". See screenshot

Untitled

I have applied all suggestions discussed above but none of them is working.

Please suggest something if possible.

I am using Prestashop 1.6

PrestaShop 1.6 is not maintained anymore, we can't do anything related to this version :/

gyan111 commented 3 years ago

Ok! No problem.